Reports
Search reports, investigative results, and agency plansShowing 11 - 20 of 25 results
Tennessee Valley Authority OIG
Remote Application and Desktop Virtualization Client
The Office of the Inspector General audited the Tennessee Valley Authority’s (TVA) use of remote application and desktop virtualization client due to the risks of (1) potential system intrusion through misconfigurations and (2) continued elevated remote users during the COVID-19 pandemic. We found the configuration management control for TVA’s remote application desktop virtualization client was ineffective. However, we determined compensating access controls were in place to mitigate the risk to an overall acceptable level.
Special Inspector General for Pandemic Recovery
Weaknesses in Treasury’s CARES Act Loan Monitoring
Weaknesses in Treasury’s CARES Act Loan Monitoring
Special Inspector General for Pandemic Recovery
Interim Report: Audit of the Effects the Main Street Lending Program’s Loan Losses Have on Treasury’s Investment in the Program
Interim Report: Audit of the Effects the Main Street Lending Program’s Loan Losses Have on Treasury’s Investment in the Program
Special Inspector General for Pandemic Recovery
Audit of the U.S. Department of the Treasury’s Process for Its Direct Loan to YRC Worldwide, Inc. Under Section 4003 of the CARES Act
Audit of the U.S. Department of the Treasury’s Process for Its Direct Loan to YRC Worldwide, Inc. Under Section 4003 of the CARES Act
Special Inspector General for Pandemic Recovery
Interim Report: Audit of the Effects the Main Street Lending Program’s Loan Losses Have on Treasury’s Investment in the Program
Interim Report: Audit of the Effects the Main Street Lending Program’s Loan Losses Have on Treasury’s Investment in the Program
Special Inspector General for Pandemic Recovery
Roll-up of the Independent Review of 4003(b) Loan Recipients’ Validation Memos Audit Memorandum Number SIGPR-A-22-003-17
Roll-up of the Independent Review of 4003(b) Loan Recipients’ Validation Memos Audit Memorandum Number SIGPR-A-22-003-17
Small Business Administration OIG
COVID-19 and Disaster Assistance Information Systems Security Controls
This report presents the results of our audit to determine whether the U.S. Small Business Administration (SBA) maintained effective management control activities and monitoring of the design and implementation of third-party operated SBA systems. SBA needed information technology systems from third-party service providers that could improve the system efficiency and productivity to process high transaction volumes, transmit data between other information systems, and safeguard the integrity and confidentiality of the personally identifiable information processed by the programs. We found the...
Small Business Administration OIG
COVID-19 Economic Injury Disaster Loan Applications Submitted from Foreign IP Addresses
We evaluated the U.S. Small Business Administration’s (SBA) controls to flag or prevent potentially fraudulent Coronavirus Disease 2019 (COVID-19) Economic Injury Disaster Loan (EIDL) applications submitted from foreign Internet Protocol (IP) addresses. Although the agency implemented several layers of controls to prevent or reduce fraud from foreign countries, individuals at foreign IP addresses were able to access the COVID-19 EIDL application system. SBA received millions of attempts to submit COVID-19 EIDL applications from foreign IP addresses and stopped most of them; however, the agency...
Special Inspector General for Pandemic Recovery